Data Protection Engineer II

Description

You will be responsible for the design, perform operations, engineering, automation, and daily management of Crypto infrastructure, which includes Windows and Linux servers, COTS appliances, and Hardware Security Modules (HSMs) to provide cryptographic capabilities to customers. Your primary focus will be on key management, data, and database security.

You will report to the Director of Data Protection.

Encryption Engineer Functions

• Explain the Integration guides and follow the steps to integrate encryption and key management as applicable. Work under the guidance of the manager to execute integrations/maintenance of existing integrations following the team's and managers guidance.

• Collaborate with the Manager to Identify capability gaps and operational inconsistencies within the Data Protection controls environment and develop a plan to address through product enhancement, reconfiguration, upgrades and/or automation of processes

Encryption Engineer Responsibilities

• Report progress against Plan weekly

• Provide inputs to Refresh Data Protection roadmap/s quarterly

• Ensure Technical and Process documentation is 100% current all the time (all changes thoroughly documented)

• Ensure new builds/integrations/agent implementation follow operational readiness processes, are documented, health/performance KPI's are defined and in place, and monitoring and alerting is in place before promoting to production

• Follow change governance and guidance from the team (including documented processes where available and applicable)

• Demonstrate continual progress toward obtaining a security-specific (or specific security product certification)- or maintain a current certification

• Complete two career-related training courses per year

• Attend lunch and learn sessions to share knowledge with Engineering group

Qualifications

• 3+ years of experience as a Data Encryption Engineer

• Experience guiding and training development teams on how to encrypt data on premises or the cloud and how to manage the lifecycle around the encryption keys and store them securely.

• Experience using AWS KMS, Cloud HSM, Gemalto/ Thales HSM or Key Management will be required.

• Experience working with business teams to understand and document encryption and Key Management strategy of IT driven products and services.

• Beneficial experience architecting and implementing encryption strategies on AWS, Azure on Google cloud including working on CMKs and integrating with a third party HSM "provider"

• Experience setting up, managing and running PKI and automating certificate lifecycle management

• Spoken and written English capability is required. Portuguese proficiency desired.

Additional Information

This is a permanent home-based role in Costa Rica. No relocation available.

Our benefits include: Medical, life, vision and dental insurance, Asociacion Solidarista, International Share Save Plan, Flex Work/Work from home, Paid time off, Birthday day off, Annual Performance Bonus, Education Reimbursement, Family Bonding, Bereavement Leave, Referral Program, and more.

Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is an important part of Experian's DNA and practices, and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work, irrespective of their gender, ethnicity, religion, color, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity.

#LI-Remote